Date: Tue, 24 Nov 2009 08:22:21 -0800 > From: wolfgang.rupprecht@xxxxxxxxx (Wolfgang S. Rupprecht) > Subject: Re: F12 Bind and Dnssec > To: <fedora-list@xxxxxxxxxx> > Message-ID: <87ljhvgaf6.fsf@xxxxxxxxxxxxxxx> > Content-Type: text/plain; charset=us-ascii > > > Ed Gurski <ed@xxxxxxxxxx> writes: > > I noticed that early this morning, changed it and still had the same > > problem. I'm wondering if SELinux is getting in the way? > > It is still saying "expected IP address near 'dnssec-enable'"? This is > after a "service dns restart"? You are really editing /etc/named.conf > and there isn't a typo somewhere? > > That doesn't feel like an selinux issue at all. It seems like the BIND > parser thinks you are giving it the dnssec-enable in the context where > it was expecting an address. > > I wonder if "named-checkconf" will tell you anything useful. > > -wolfgang Wolfgang: Found the problem. It wasn't anything I waas looking at. Instead it was the file /etc/pki/dnssec-keys/named.dnssec.keys file that was corrupted? Not sure how that happened, but I installed Bind on another F12 machine with the same configuration (except the DNS server was the new machine) and everything worked. I then noticed that the named.dnssec.key file size was different, so I copied it over and now it's working properly. I still get no valid DS resolving xxxxxx, so I'm not sure what else I need to do... thanks again and sorry for the late reply... -- Ed Gurski Linux User # 458454 http://counter.li.org On Tue, 2009-11-24 at 12:00 -0500, fedora-list-request@xxxxxxxxxx wrote: -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
